The vulnerability of the D-Link DBA-1510P network device’s microprogramming software lies in the lack of measures taken to neutralize special elements, allowing a hacker to execute arbitrary commands.

🗓️ 10 Dec 2019 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru

D-Link DBA-1510P vulnerability allows remote arbitrary command execution due to unneutralized special elements.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2019-6014	17 Mar 202409:46	–	circl
CNVD	D-Link DBA-1510P OS Command Injection Vulnerability	7 Oct 201900:00	–	cnvd
CVE	CVE-2019-6014	26 Dec 201915:16	–	cve
Cvelist	CVE-2019-6014	26 Dec 201915:16	–	cvelist
EUVD	EUVD-2019-15582	7 Oct 202500:30	–	euvd
Japan Vulnerability Notes	JVN#95875796: Multiple OS command injection vulnerabilities in DBA-1510P	7 Oct 201900:00	–	jvn
Japan Vulnerability Notes	Multiple OS command injection vulnerabilities in DBA-1510P	7 Oct 201906:17	–	jvn
NVD	CVE-2019-6014	26 Dec 201916:15	–	nvd
OSV	CVE-2019-6014	26 Dec 201916:15	–	osv
Prion	Design/Logic Flaw	26 Dec 201916:15	–	prion

Vulners

Node

d-link dba-1510pRange≤1.70b009

Source	Link
jvn	www.jvn.jp/en/jp/JVN95875796/index.html
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2019100705
securitylab	www.securitylab.ru/vulnerability/501590.php
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/168501
dlink-jp	www.dlink-jp.com/release/26991
dlink-jp	www.dlink-jp.com/
web	www.web.nvd.nist.gov/view/vuln/detail

10 Dec 2019 00:00Current

CVSS 27.8

CVSS 38.8

EPSS0.0159

D-Link DBA-1510P remote command execution special elements microprogramming vulnerability